REMARKS 



Claims 1, 3-7, 9-10, and 16-27 are pending in the present application. By this 
Response, claims 1, 3, 7, 9, 10, and 16-20 are amended, claims 2, 8, and 11-15 are 
canceled, and claims 21-27 are added. Claims 1,16, and 17 are amended to recite 
"receiving, in response to a coupling of a separate hardware security device to the data 
processing system, credential information for each application of the plurality of 
applications that the user uses from the separate hardware security device into an 
authentication credential container associated with the user." Support for these 
amendments may be found at least at page 19, paragraph [0046] of the present 
specification. Claim 1 is further amended to recite "wherein the view is a consolidated 
user directory that contains user authentication information across the totality of 
applications". Support for this amendment may be found at least in original claim 2 and 
at page 19, paragraph [0046]. Claim 7 is amended to incorporate the subject matter of 
claim 8 in the alternative and claim 9 is amended to be consistent with the amendments to 
claim 1. Claims 1, 3, 7, 9, 10, 16, 17, and 18 are further amended where appropriate to 
replace the term "totality" with the term "plurality." Claims 19 and 20 are amended to 
correct their preambles to reference the "method" of their parent claim. Claims 21-27 are 
added to recite additional features of the invention. Support for the addition of claims 21- 
27 may be found in originally presented claim 18 and in Figure 7 of the present 
specification. No new matter has been added by any of the above amendments or new 
claims. Reconsideration of the claims is respectfully requested in view of the following 
remarks. 

I. Telephone Interview 

An interview with the Examiner was not able to be scheduled prior to the filing of 
this Response. Accordingly, Applicant respectfully requests that the Examiner contact 
Applicant's undersigned representative at the telephone number listed below before 
further action on the application if an interview has not been conducted prior to that time. 
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II 



Rejection under 35 U.S.C. $ 112, Second Paragraph 



The Office Action rejects claims 1-3, 10-13, and 15-18 under 35 U.S.C. § 112, 
second paragraph as allegedly being indefinite because the word "totality" does not 
appear in the specification and thus, the use of this word in the claims allegedly 
constitutes new matter. Applicant respectfully disagrees. However, in an effort to 
advance the prosecution of this application toward allowance, the term "totality" has been 
replaced with the term "plurality" by this Response in all instances. The Office Action 
admits that the specification provides support for the use of the term "a plurality of 
applications" and thus, this change in terminology does not raise the issue of new matter. 
Accordingly, Applicant respectfully requests withdrawal of the rejection of claims 1-3, 
10-13, and 15-18 under 35 U.S.C. § 1 12, second paragraph. 

III. Rejection under 35 U.S.C. $ 103(a) Based on Schaeck and Cotte 

The Office Action rejects claims 1,3,6, 11, 13, 15, 16, and 17 under 35 U.S.C. § 
103(a) as being allegedly unpatentable over Schaeck et al. (U.S. Patent Application 
Publication No. 2003/0163513) in view of Cotte (U.S. Patent Application Publication No. 
2004/0013132). This rejection is moot with regard to canceled claims 11, 13, and 15, and 
is respectfully traversed with regard to the remaining claims. 

Amended claim 1, which is representative of the other rejected independent 

claims 16 and 17 with regard to similarly recited subject matter, reads as follows: 

1 . A method, in a data processing system, for providing a system 
administrator with a view of a plurality of applications accessible by a 
user, comprising: 

receiving, in response to a coupling of a separate hardware security 
device to the data processing system, credential information for each 
application of the plurality of applications that the user uses from the 
separate hardware security device into an authentication credential 
container associated with the user; 

identifying the plurality of applications accessible by the user by 
examining the authentication credential container associated with the user; 

generating a view of the plurality of applications accessible by the 
use r, wherein the view is a consolidated user directory that contains user 
authentication information across the plurality of applications ; and 
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displaying the view to the administrator, 
(emphasis added). 

Applicant respectfully submits that neither Schaeck nor Cotte, either alone or in 
combination, teach or suggest the features emphasized above in claim 1 , or the similar 
features found in claims 16 and 17. 

Schaeck is directed to a mechanism for providing role based views of business 
web portals. With the mechanism of Schaeck, an aggregated service is comprised of one 
or more software resources. A role-specific portlet for each role supported by a particular 
one of the software resources is provided. A linkage between the role-specific portlets 
and the roles of the particular software resources is provided. At run time, a user role 
corresponding to a user of the aggregated services is obtained and a corresponding one of 
the role-specific portlets is programmatically selected to thereby provide a role-specific 
view of the aggregated service. The mechanism further determines which of the software 
resources to invoke to position the user's entry point into the aggregated service and uses 
the obtained role to select a role specific view of the determined software resource. 

While Schaeck teaches to aggregated portlets for a user into an aggregate portal 
page view (see Figure 7 of Schaeck), nowhere in Schaeck is there any teaching or 
suggestion regarding "receiving, in response to a coupling of a separate hardware security 
device to the data processing system , credential information for each application of the 
plurality of applications that the user uses from the separate hardware security device into 
an authentication credential container associated with the user" as recited in claims 1,16 
and 17. To the contrary, in Figure 7 of Schaeck it is clearly shown that the user is 
presented with available services, the user selects a service, and based on the user's role, 
portlets associated with the service are selected and combined into an aggregate portal 
page that is presented to the user. Schaeck provides no teaching or suggestion regarding 
a separate hardware security device, let alone receiving credential information for each 
application of a plurality of applications that the user uses from the separate hardware 
security device in response to the separate hardware security device being coupled to a 
data processing system. 



Page 11 of 17 
PengT. Ong- 10/617,607 



Moreover, Schaeck does not teach that the view that is generated is a consolidated 
user directory that contains user authentication information across a plurality of 
applications. To the contrary, the "view" that is generated in Schaeck is a portal page 
that has the portlets for a selected service. There is no teaching or suggestion in Schaeck 
that this portal page contains user authentication information across a plurality of 
applications. To the contrary, as described in paragraph [0073] of Schaeck, the portlets 
provide different interfaces for different user roles. In paragraph [0081] Schaeck teaches 
that the user's role is determined based on the user's login information, but this does not 
teach or suggest that the actual view that is generated in Schaeck contains user 
authentication information across a plurality of applications . 

Cotte does not teach or suggest these features either, whether Cotte is taken alone 
or in combination with Schaeck. Cotte is cited as alleged teaching a plurality of 
applications at paragraph [0116]. Cotte is directed to a multiprotocol communications 
environment. In paragraph [0116] of Cotte, all that is taught is that it is possible to access 
a telecommunications portal in order to retrieve data about different telecommunications 
web sites residing on that telecommunications portal in total. There is nothing in Cotte 
that teaches or suggests the specific features of claim 1 discussed above with regard to 
Schaeck. Merely providing a telecommunications portal that provides information about 
telecommunications web sites has nothing to do with identifying a plurality of 
applications that a user may access from a separate hardware security device in response 
to such a device being coupled to a data processing system or that a view that is presented 
is a consolidated user directory that contains user authentication information across the 
plurality of applications. 

Thus, for at least the reasons set forth above, Applicant respectfully submits that 
neither Schaeck nor Cotte, taken alone or in combination, teaches or suggests the features 
of independent claim 1. Claims 16 and 17 recite similar features to the "receiving..." 
feature of claim 1 and thus, these claims define over the alleged combination of Schaeck 
and Cotte for similar reasons as set forth above with regard to this feature. Claims 3 and 
6 depend from claim 1 and thus, are distinguished over Schaeck and Cotte at least by 
virtue of their dependency. Accordingly, Applicant respectfully requests withdrawal of 
the rejection of claims 1, 3, 6, 16, and 17 under 35 U.S.C. § 103(a). 
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IV. Rejection under 35 U.S.C. § 103(a) Based on Schaeck and Cotte 

The Office Action rejects claims 2, 4, 5, 7-10, 12, 14, and 18-20 under 35 U.S.C. 
§ 103(a) as being allegedly unpatentable over Schaeck et al. (U.S. Patent Application 
Publication No. 2003/0163513) in view of Cotte (U.S. Patent Application Publication No. 
2004/0013132) and further in view of Delany et al. (U.S. Patent Application Publication 
No. 2002/0138763). This rejection is moot with regard to canceled claims 12 and 14, and 
is respectfully traversed with regard to the remaining claims. 

The Schaeck and Cotte references are addressed above with regard to independent 
claims 1,16 and 17, from which claims 2, 4, 5, and 7-10 depend. Delany is cited as 
allegedly teaching a consolidated directory of applications at paragraph [0113] and 
[0129]. Paragraph [01 13] of Delany merely teaches that a user may dynamically join a 
group that has access to the applications that they need and a light weight directory 
protocol (LDAP) filter may be used to automatically add or remove users if they meet 
criteria in the LDAP filter. Paragraph [0129] of Delany teaches LDAP directories. 
Neither of these sections of Delany provide any teaching or suggestion regarding the 
specific features missing from Schaeck and Cotte discussed above. Thus, even if Delany 
were somehow combined with Schaeck and Cotte, arguendo, the result still would not 
teach or suggest the features of the invention claimed in claims 1,16 and 17 that are 
missing from all three of these references. Therefore, dependent claims 2, 4, 5, and 7-10 
which incorporate the features of their independent claim, are also distinguished over the 
alleged combination of Schaeck, Cotte, and Delany. 

With regard to independent claim 18, this claim recites: 

18. A method for providing a system administrator with a consolidated 
directory of a plurality of applications accessible by a user, the method 
comprising: 

identifying the plurality of applications accessible by the user by 
examining authentication credential container of the user; 

generating a directory of the plurality of applications accessible by 
the user; and 

displaying the directory to the administrator; 

the directory comprising: 

a name of the user; 
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a list of keys employed by the user also detailing the type and 
serial number of each key; 

a profile of the user detailing a role of the user, a name of the user, 
an email address of the user, a department of the user, an employee ID of 
the user, and any additional attributes of the user that have been specified; 

a means of updating and resetting the profile; 

a list of certificate-enabled applications accessible by the user also 
specifying a user name of the user and a last login attempt of the user; 

a means of deleting the user name of the user; 

a list of enterprise applications accessible by the user also 
specifying a user name of the user and a last login attempt of the user; and 

a list of personal applications accessible by the user also specifying 
a number of accounts connected to each personal application , 
(emphasis added). 

In rejecting claim 18, the Office Action states, in pertinent part: 

Regarding Claim 18, Schaeck discloses a method for providing a 
system administrator with a consolidated directory of a totality of 
applications accessible by a user, the method comprising: 

. . .(there is no disclosure in the specification or the original claims 
to display a totality of applications accessible. This is new matter and will 
not be addressed)... 

e) a list of keys employed by the user also detailing the type and 
serial number of each key; (There is no disclosure in the specification or 
the original claims that keys are stored in the directory. This is new matter 
and will not be addressed.) 

h) a list of all certificate enabled applications accessible by the user 
also specifying a user name of the user and a last login attempt of the user; 
(There is no disclosure in the specification or the original claims that a last 
login attempt is stored or processed, and to display a list of all certificate 
enabled applications. This is new matter and will not be addressed) 

j) a list of all enterprise applications accessible by the user also 
specifying a user name of the user and a last login attempt of the user; 
(There is no disclosure in the specification or the original claims that a last 
login attempt is stored or processed. This is new matter and will not be 
addressed) and 

k) a list of all personal application accessible by the user also 
specifying a number of accounts connected to each personal application; 
(There is no disclosure in the specification or the original claims to display 
a list of the number of accounts connected to each personal application. 
This is new matter and will not be addressed). . . 
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Applicant respectfully disagrees with the Examiner that these features are not set forth in 
the specification. The issue regarding the use of the term "totality" in the claims has been 
addressed above with the amendment to replace the term "totality" with "plurality." 
Moreover, each of the other features set forth in claim 18 that the Examiner alleges is not 
disclosed in the specification is specifically shown in Figure 7 of the present application 
which is referred to by the specification on page 1 9, paragraph [0046] as being a 
consolidated directory view as presented to the administrator according to one 
embodiment of the invention. A copy of Figure 7, with annotations to show the various 
portions of this exemplary consolidated directory that correspond to features in claim 18, 
is included here for the Examiner's consideration: 
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FIG. 7 



For example, portion A of the annotated Figure 7 shows the list of keys for a user, 
i.e. user Jennifer I. Peirce. It can be seen that this list of keys has a type field, a serial 
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number field, and an other field. Portion B corresponds to a list of all certificate enabled 
applications. It can be seen that this list of certificate enabled applications has a field for 
a name of the application, a user name and a last logon attempt. Portion C provides a list 
of all enterprise applications for the user. It can be seen that the listing of enterprise 
applications includes a field for an application name, a user name, and a last logon 
attempt. Portion D provides a listing of all personal applications for the user. It can be 
seen that the listing of personal applications has a field for the name of the application 
and a field for the number of accounts for each personal application. Thus, each of the 
features of claim 18 that the Examiner alleges are not taught in the specification are 
clearly shown in Figure 7. 

Therefore, the Examiner cannot summarily dismiss these features when 
examining the claim. Moreover, none of these features are taught or suggested by any of 
the cited references and the Office Action has failed to show where any of these features 
are taught or suggested by any of the references. Thus, the Office Action has failed to 
establish a prima facie case of obviousness with regard to at least these features of claim 
18 and, at least by virtue of their dependency, claims 19-20. Accordingly, Applicant 
respectfully requests withdrawal of the rejection of claims 2, 4, 5, 7-10, 12, 14, and 18-20 
under 35 U.S.C. § 103(a). 

V. Newly Added Claims 

Claims 21-27 are dependent claims from claim 1 but recite features similar to 
those set forth in claim 18. The features of these claims have not been shown to be 
taught or suggested by any of the cited references and thus, these claims are allowable 
over the alleged combinations of references. 
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VI. Conclusion 



It is respectfully urged that the subject application is now in condition for 
allowance. The Examiner is invited to call the undersigned at the below-listed telephone 
number if in the opinion of the Examiner such a telephone conference would expedite or 
aid the prosecution and examination of this application. 



Respectfully submitted, 



DATE: 




Reg. No. 41,534 

Walder Intellectual Property Law, P.C. 

P.O. Box 832745 
Richardson, TX 75083 
(214) 722-6419 

ATTORNEY FOR APPLICANT 
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